[EVO] Ajouter les scripts de notifications

[EVO] Ajouter la gestion de l'unicast
[FIX] Mauvais nom de rôle dans les entêtes
2023-04-21 16:35:25 +02:00 · 2023-04-21 16:35:22 +02:00 · 2023-04-12 17:28:52 +02:00 · 2023-04-12 16:58:17 +02:00 · 2023-04-12 14:53:47 +00:00 · 2023-04-12 16:53:19 +02:00
11 changed files with 59 additions and 126 deletions
--- a/README.md
+++ b/README.md
@@ -58,12 +58,12 @@ Passer en unicast en utilisant cette liste d'IP.
 *<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
-### keepalived_notify_script_enabled
+### keepalived_notify
-Booléen permettant d'activer le script de notification.<br>
+Dictionnaire comportant des booléens permettant d'activer les scripts en fonction de l'état.<br>
-Le script est déployé dans `/etc/keepalived/notify.sh`.
+Les scripts sont déployés dans `/srv/keepalived/notify_{master,backup,fault,stop}.sh`.
-*<span style="text-decoration: underline">Valeur par défaut:</span> `false`*
+*<span style="text-decoration: underline">Valeur par défaut:</span> `false` (pour chaque état)*
 ### keepalived_track_scripts
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -13,22 +13,21 @@ keepalived_ipv6: ""
 keepalived_peers: []
-keepalived_notify_enable: false
+keepalived_notify:
-keepalived_notify_pre: {}
+  - master: false
-keepalived_notify_is_master: {}
+  - backup: false
-keepalived_notify_is_backup: {}
+  - fault: false
-keepalived_notify_is_fault: {}
+  - stop: false
 keepalived_notify_by_default: {}
 keepalived_track_scripts: []
-# Example:
+# Exemple:
 #  - name: check_haproxy_8080
 #    command: /usr/bin/nc -zv 127.0.0.1 8080
 #  - name: check_haproxy_8081
 #    command: /usr/bin/nc -zv 127.0.0.1 8081
 keepalived_track_processes: []
-# Example:
+# Exemple:
 #  - name: check_haproxy
 #    search: /usr/sbin/haproxy
 #    quorum: 2
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,7 +1,7 @@
 ---
 # handlers file for keepalived
- name: Restart keepalived.service
+- name: Redémarrer keepalived.service
  become: true
  ansible.builtin.systemd:
    state: restarted
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,7 +1,7 @@
 galaxy_info:
  namespace: ykn
  author: pulsar89.5
-  description: Deploy keepalived
+  description: Rôle de déploiement de keepalived
  license: GPL-3.0-or-later
--- a/tasks/configuration.yml
+++ b/tasks/configuration.yml
@@ -1,37 +0,0 @@
 ---
 # tasks file for keepalived
 - name: Deploy configuration
  ansible.builtin.template:
    src: keepalived.j2
    dest: /etc/keepalived/keepalived.conf
    owner: root
    group: root
    mode: u=rw,g=r,o=r
  become: true
  notify: Restart keepalived.service
 - name: Deploy sudoers configuration
  ansible.builtin.template:
    src: sudoers.j2
    dest: /etc/sudoers.d/keepalived_script
    owner: root
    group: keepalived_script
    mode: u=rwx,g=rx,o=
    validate: /usr/sbin/visudo -cf %s
  when:
    - keepalived_notify_enable
    - keepalived_sudoers_cmd | length > 0
  become: true
  notify: Restart keepalived.service
 - name: Deploy notify script
  ansible.builtin.template:
    src: notify.bash.j2
    dest: /etc/keepalived/notify.bash
    owner: root
    group: keepalived_script
    mode: u=rwx,g=rx,o=
  when: keepalived_notify_enable
  become: true
  notify: Restart keepalived.service
--- a/tasks/installation.yml
+++ b/tasks/installation.yml
@@ -1,7 +0,0 @@
 ---
 # tasks file for keepalived
 - name: Install keepalived
  ansible.builtin.apt:
    name: keepalived
  become: true
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,10 +1,37 @@
 ---
 # tasks file for keepalived
- name: Import installation tasks
+- name: Installer le paquet
-  ansible.builtin.import_tasks:
+  ansible.builtin.apt:
-    file: installation.yml
+    name: keepalived
  become: true
- name: Import configuration tasks
+- name: Déployer la configuration
-  ansible.builtin.import_tasks:
+  ansible.builtin.template:
-    file: configuration.yml
+    owner: root
    group: root
    mode: u=rw,g=r,o=r
    src: keepalived.j2
    dest: /etc/keepalived/keepalived.conf
  become: true
  notify: Redémarrer keepalived.service
 - name: Créer le dossier de déploiement des scripts
  ansible.builtin.file:
    path: /srv/keepalived
    owner: root
    group: root
    mode: u=rwX,g=rX,o=
    state: directory
  become: true
 - name: Déployer les scripts
  ansible.builtin.copy:
    src: keepalived/notify_{{ state }}.sh
    dest: /srv/keepalived/
    mode: u=r,g=r,o=
  loop: "{{ keepalived_notify }}"
  loop_control:
    index_var: state
  become: true
  notify: Redémarrer keepalived.service
--- a/templates/keepalived.j2
+++ b/templates/keepalived.j2
@@ -13,14 +13,13 @@ global_defs {
    smtp_connect_timeout 30
 {% endif %}
  script_user keepalived_script
  enable_script_security
  max_auto_priority 50
 }
 {% for script in keepalived_track_scripts %}
 vrrp_script {{ script.name }} {
-  script "{{ script.command }}"
+  script {{ script.command }}
  interval {{ script.interval }}
 }
 {% endfor %}
@@ -42,13 +41,8 @@ vrrp_instance VIP_{{ keepalived_uid }} {
  advert_int 1
 {% if keepalived_peers | length > 0 %}
  unicast_src_ip {{ ansible_facts[keepalived_interface]['ipv4']['address'] }}
  unicast_peer {
-{% for peer in keepalived_peers %}
+    {{ keepalived_peers | join('\n') | indent(width=4) }}
 {% if peer != ansible_facts[keepalived_interface]['ipv4']['address'] %}
    {{ peer }}
 {% endif %}
 {% endfor %}
  }
 {% endif %}
@@ -64,8 +58,17 @@ vrrp_instance VIP_{{ keepalived_uid }} {
  }
 {% endif %}
-{% if keepalived_notify_enable %}
+{% if keepalived_notify_master | length > 0 %}
-  notify /etc/keepalived/notify.bash
+  notify_master {{ keepalived_notify_master.dst }}
 {% endif %}
 {% if keepalived_notify_backup | length > 0 %}
  notify_master {{ keepalived_notify_backup.dst }}
 {% endif %}
 {% if keepalived_notify_fault | length > 0 %}
  notify_master {{ keepalived_notify_fault.dst }}
 {% endif %}
 {% if keepalived_notify_stop | length > 0 %}
  notify_master {{ keepalived_notify_stop.dst }}
 {% endif %}
 {% if keepalived_track_scripts | length > 0 %}
--- a/templates/notify.bash.j2
+++ b/templates/notify.bash.j2
@@ -1,38 +0,0 @@
 #!/bin/bash
 # {{ ansible_managed }}
 TYPE=$1
 NAME=$2
 STATE=$3
 {% if keepalived_notify_pre | length > 0 %}
 {{ keepalived_notify_pre }}
 {% endif %}
 # Use keepalived state
 case $STATE in
 {% if keepalived_notify_is_master | length > 0 %}
  "MASTER")
    {{ keepalived_notify_is_master | indent(4) }}
    exit 0
  ;;
 {% endif %}
 {% if keepalived_notify_is_backup | length > 0 %}
  "BACKUP")
    {{ keepalived_notify_is_backup | indent(4) }}
    exit 0
  ;;
 {% endif %}
 {% if keepalived_notify_is_fault | length > 0 %}
  "FAULT")
    {{ keepalived_notify_is_fault | indent(4) }}
    exit 0
  ;;
 {% endif %}
 {% if keepalived_notify_by_default | length > 0 %}
  *)
    {{ keepalived_notify_by_default | indent(4) }}
    exit 1
  ;;
 {% endif %}
 esac
--- a/templates/sudoers.j2
+++ b/templates/sudoers.j2
@@ -1,5 +0,0 @@
 # {{ ansible_managed }}
 {% for cmd in keepalived_sudoers_cmd %}
 keepalived_script ALL=(ALL) NOPASSWD:{{ cmd }}
 {% endfor %}
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,9 +0,0 @@
 ---
 # vars file for keepalived
 users:
  - name: keepalived_script
    comment: "Dedicated user for keepalived script"
    update_password: on_create
    password_lock: true
    shell: /bin/bash
Author	SHA1	Message	Date
pulsar89.5	584ebe42e5	[EVO] Ajouter les scripts de notifications	2023-04-21 16:35:25 +02:00
pulsar89.5	4bc5f1e12a	[EVO] Ajouter la gestion de l'unicast	2023-04-21 16:35:22 +02:00
pulsar89.5	2ae07d3c35	[FIX] Mauvais nom de rôle dans les entêtes	2023-04-12 17:28:52 +02:00
pulsar89.5	225a8c8021	[DOC] Nettoyage	2023-04-12 16:58:17 +02:00
pu!s@r	570ceda411	Merge pull request '[INFO] Création du rôle' (#1 ) from alpha into master Reviewed-on: #1	2023-04-12 14:53:47 +00:00
pulsar89.5	434ec3ca1f	[INFO] Création du rôle	2023-04-12 16:53:19 +02:00